resources/benchmarks/playbooks/provision.yml
---
- name: 'Hetzner Cloud Server Provision'
hosts: all
gather_facts: true
vars_files:
- ../vars/{{ ansible_host }}.yml
tasks:
- name: 'Ensure latest packages are installed'
apt:
name: '*'
state: latest
- name: 'Ensure ubuntu fire wall denys in traffic by default'
ufw:
direction: incoming
policy: deny
- name: 'Ensure ubuntu fire wall allows out traffic by default'
ufw:
direction: outgoing
policy: allow
- name: 'Ensure access to tcp port 22'
ufw:
rule: allow
port: '22'
- name: 'Ensure ubuntu fire wall is activated'
ufw:
state: enabled
- name: 'Ensure Docker GPG key is added'
apt_key: url=https://download.docker.com/linux/ubuntu/gpg
- name: 'Ensure Docker APT repository is added'
apt_repository:
repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename }} stable
- name: 'Ensure required packages are installed'
apt:
name: ['apt-transport-https','ca-certificates','curl','software-properties-common','docker-ce','zip','unzip','git', 'python3-pip']
state: present
update_cache: yes
- name: 'Ensure latest docker-compose is installed'
shell:
cmd: |
pip3 install docker-compose
docker-compose --version
- name: 'Ensure group appuser exists'
group:
name: appuser
state: present
- name: 'Ensure user appuser exists'
user:
name: appuser
uid: 2000
group: appuser